# IF YOU ARE USING $tasks/base.yml this is redundant 
# this is split out only for some of the cloud boxes

- name: install iptables if not installed
  yum: name=iptables state=present
  when: ansible_distribution == 'RedHat'
  tags:
  - iptables
  - packages

- name: install iptables-services if not installed
  yum: name=iptables-services state=present
  when: ansible_distribution == 'Fedora'
  tags:
  - iptables
  - packages

- name: iptables service enabled
  service: name=iptables state=running enabled=true
  tags:
  - iptables
  - service

- name: iptables
  action: template src={{ item }} dest=/etc/sysconfig/iptables mode=600 backup=yes
  with_first_found:
    - "{{ iptables }}"
    - "{{ files }}/iptables/iptables.{{ ansible_fqdn }}"
    - "{{ files }}/iptables/iptables.{{ host_group }}"
    - "{{ files }}/iptables/iptables.{{ env }}"
    - "{{ files }}/iptables/iptables"
  notify:
  - restart iptables
  tags:
  - iptables
  - config
